Saturday, January 31, 2009

Easto Trojan

Easto malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Easto:

An up-to-date copy of ExterminateIt should detect and prevent infection from Easto.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Easto manually.

To completely manually remove Easto malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Easto.

  1. Use Task Manager to terminate the Easto process.
  2. Delete the original Easto file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Easto from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Easto!


Also Be Aware of the Following Threats:
Removing servexploit143 RAT
Win32.Exploit.Rally Trojan Removal instruction
Removing TrojanDownloader.Win32.Swizzor.bj Downloader

KGB.Spy.Software Spyware

KGB.Spy.Software malware description and removal detail
Categories:Spyware
Also known as:

[Kaspersky]Monitor.Win32.KGBSpy.34

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\KGB Keylogger\winlogon.dll
[%DESKTOP%]\KGB Spy.lnk
[%PROGRAM_FILES%]\KGB Keylogger\winlogon.dll
[%DESKTOP%]\KGB Spy.lnk

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting KGB.Spy.Software:

Files:
[%PROGRAM_FILES%]\KGB Keylogger\winlogon.dll
[%DESKTOP%]\KGB Spy.lnk
[%PROGRAM_FILES%]\KGB Keylogger\winlogon.dll
[%DESKTOP%]\KGB Spy.lnk

Folders:
[%PROGRAM_FILES%]\kgb spy
[%COMMON_PROGRAMS%]\KGB Spy
[%PROGRAMS%]\kgb spy

Registry Keys:
HKEY_CURRENT_USER\software\kgb spy
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\kgb spy

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing KGB.Spy.Software:

An up-to-date copy of ExterminateIt should detect and prevent infection from KGB.Spy.Software.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove KGB.Spy.Software manually.

To completely manually remove KGB.Spy.Software malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with KGB.Spy.Software.

  1. Use Task Manager to terminate the KGB.Spy.Software process.
  2. Delete the original KGB.Spy.Software file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes KGB.Spy.Software from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of KGB.Spy.Software!


Also Be Aware of the Following Threats:
Bat.tally Trojan Symptoms
Pop.com Tracking Cookie Symptoms
JS.IEStart.gen Trojan Information

Vxidl.APP Trojan

Vxidl.APP malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Vxidl.APP:

An up-to-date copy of ExterminateIt should detect and prevent infection from Vxidl.APP.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Vxidl.APP manually.

To completely manually remove Vxidl.APP malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.APP.

  1. Use Task Manager to terminate the Vxidl.APP process.
  2. Delete the original Vxidl.APP file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Vxidl.APP from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Vxidl.APP!


Also Be Aware of the Following Threats:
Remove AJRotator Tracking Cookie
Adtrix Tracking Cookie Cleaner
BCB Trojan Removal
Removing CredCell Hoax
Removing SillyDl.DAL Trojan

FlashTrack Adware

FlashTrack malware description and removal detail
Categories:Adware,BHO
Also known as:

[Panda]Adware/FlashTrack;
[Other]Adware.Flashtrack

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\temp\r.exe
[%PROFILE_TEMP%]\8.exe\8.exe
[%SYSTEM%]\flcp.dll
[%SYSTEM%]\flt.dll
[%SYSTEM%]\ftapp.dll
[%WINDOWS%]\system\flcp.dll
[%WINDOWS%]\system\flt.dll
[%WINDOWS%]\system\ftapp.dll
[%WINDOWS%]\temp\r.exe
[%PROFILE_TEMP%]\8.exe\8.exe
[%SYSTEM%]\flcp.dll
[%SYSTEM%]\flt.dll
[%SYSTEM%]\ftapp.dll
[%WINDOWS%]\system\flcp.dll
[%WINDOWS%]\system\flt.dll
[%WINDOWS%]\system\ftapp.dll

In order to ensure that the FlashTrack is launched automatically each time the system is booted, the FlashTrack adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%WINDOWS%]\temp\r.exe
[%PROFILE_TEMP%]\8.exe\8.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting FlashTrack:

Files:
[%WINDOWS%]\temp\r.exe
[%PROFILE_TEMP%]\8.exe\8.exe
[%SYSTEM%]\flcp.dll
[%SYSTEM%]\flt.dll
[%SYSTEM%]\ftapp.dll
[%WINDOWS%]\system\flcp.dll
[%WINDOWS%]\system\flt.dll
[%WINDOWS%]\system\ftapp.dll
[%WINDOWS%]\temp\r.exe
[%PROFILE_TEMP%]\8.exe\8.exe
[%SYSTEM%]\flcp.dll
[%SYSTEM%]\flt.dll
[%SYSTEM%]\ftapp.dll
[%WINDOWS%]\system\flcp.dll
[%WINDOWS%]\system\flt.dll
[%WINDOWS%]\system\ftapp.dll

Folders:
[%PROGRAM_FILES%]\flt
[%PROGRAM_FILES%]\ftk
[%PROGRAM_FILES%]\reg2
[%PROGRAM_FILES%]\xml
[%PROGRAM_FILES%]\xmod
[%PROGRAM_FILES%]\fla
[%PROGRAM_FILES%]\ftapp

Registry Keys:
HKEY_CLASSES_ROOT\interface\{6e83ae1c-f69c-4aed-af98-d23c24c6fa4b}
HKEY_CLASSES_ROOT\typelib\{7955ea20-e0d6-4a77-88b6-120674d979ea}
HKEY_LOCAL_MACHINE\software\classes\interface\{6e83ae1c-f69c-4aed-af98-d23c24c6fa4b}
HKEY_LOCAL_MACHINE\software\classes\typelib\{7955ea20-e0d6-4a77-88b6-120674d979ea}
HKEY_LOCAL_MACHINE\software\flt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{665ACD90-4541-4836-9FE4-062386BB8F05}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ftapp
HKEY_CLASSES_ROOT\bredobj.bredobj
HKEY_CLASSES_ROOT\bredobj.bredobj.1
HKEY_CLASSES_ROOT\clsid\{63cf97e8-4133-438a-a831-cc9c6d47d673}
HKEY_CLASSES_ROOT\clsid\{665acd90-4541-4836-9fe4-062386bb8f05}
HKEY_CLASSES_ROOT\clsid\{7371f073-ac0f-4b80-bb2f-96a488cefb32}
HKEY_CLASSES_ROOT\clsid\{7955ea20-e0d6-4a77-88b6-120674d979ea}
HKEY_CLASSES_ROOT\interface\{06542764-7bb2-412b-80d6-d103d1474c93}
HKEY_CLASSES_ROOT\interface\{baef4039-3c02-4c9e-a2f4-87b513ab0e87}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{63cf97e8-4133-438a-a831-cc9c6d47d673}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{665acd90-4541-4836-9fe4-062386bb8f05}
HKEY_CLASSES_ROOT\typelib\{db9f4c00-65e8-4fa1-917b-e4844ddf5909}
HKEY_CLASSES_ROOT\typelib\{e6c71e83-e02b-4bc4-958d-a9194916ec19}
HKEY_LOCAL_MACHINE\software\classes\clsid\{63cf97e8-4133-438a-a831-cc9c6d47d673}
HKEY_LOCAL_MACHINE\software\classes\clsid\{665acd90-4541-4836-9fe4-062386bb8f05}
HKEY_LOCAL_MACHINE\software\classes\clsid\{7371f073-ac0f-4b80-bb2f-96a488cefb32}
HKEY_LOCAL_MACHINE\software\classes\interface\{06542764-7bb2-412b-80d6-d103d1474c93}
HKEY_LOCAL_MACHINE\software\classes\interface\{baef4039-3c02-4c9e-a2f4-87b513ab0e87}
HKEY_LOCAL_MACHINE\software\classes\typelib\{db9f4c00-65e8-4fa1-917b-e4844ddf5909}
HKEY_LOCAL_MACHINE\software\classes\typelib\{e6c71e83-e02b-4bc4-958d-a9194916ec19}
HKEY_LOCAL_MACHINE\software\ftapp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{63cf97e8-4133-438a-a831-cc9c6d47d673}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{665acd90-4541-4836-9fe4-062386bb8f05}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7371f073-ac0f-4b80-bb2f-96a488cefb32}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d7e588ab-a5d9-4422-b313-22a3470f9700}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\flt
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\rvp
HKEY_LOCAL_MACHINE\software\persistent bytes
HKEY_LOCAL_MACHINE\software\rvp

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\reg2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\reg2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xmod
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xmod
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\netfilter
HKEY_LOCAL_MACHINE\software\xml
HKEY_LOCAL_MACHINE\software\xml
HKEY_LOCAL_MACHINE\software\xml
HKEY_LOCAL_MACHINE\software\xml
HKEY_LOCAL_MACHINE\software\xml

Removing FlashTrack:

An up-to-date copy of ExterminateIt should detect and prevent infection from FlashTrack.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove FlashTrack manually.

To completely manually remove FlashTrack malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with FlashTrack.

  1. Use Task Manager to terminate the FlashTrack process.
  2. Delete the original FlashTrack file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes FlashTrack from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of FlashTrack!


Also Be Aware of the Following Threats:
Carnage Trojan Symptoms

QuickButton Trojan

QuickButton malware description and removal detail
Categories:Trojan,Adware
Also known as:

[Kaspersky]Adware.Win32.AdHelper.ay,AdWare.Win32.AdHelper.gen,Trojan-Dwonloader.Win32.QQHelper.gb,Trojan-Downloader.Win32.QQHelper.gen,AdWare.Win32.AdHelper.cz;
[McAfee]Generic Downloader.h,Backdoor-CVM;
[F-Prot]W32/Downloader.AAWI;
[Other]Infostealer,Backdoor.CVM,Trojan-Downloader.win32.QQHelper.ce,Win32/QQHelp.N,Adware.Adhelper,Win32/Sillydl.AHL,Win32/SillyDl.AHL,Win32/QQHelp.J,Win32/QQHelpBP,Downloader

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES_COMMON%]\System\Updaterun.exe
[%SYSTEM%]\advport.dll
[%SYSTEM%]\nt.sys
[%SYSTEM%]\Score.txt
[%SYSTEM%]\wbem\ocmor.dat
[%SYSTEM%]\wbem\ocmor.dll
[%PROGRAM_FILES%]\CoolWebsite\QuickLink.dll
[%PROGRAM_FILES%]\CoolWebsite\uninst.exe
[%SYSTEM%]\bind_40255.exe
[%SYSTEM%]\spted.dll
[%SYSTEM%]\wbem\IRJIT.dll
[%PROGRAM_FILES_COMMON%]\System\Updaterun.exe
[%SYSTEM%]\advport.dll
[%SYSTEM%]\nt.sys
[%SYSTEM%]\Score.txt
[%SYSTEM%]\wbem\ocmor.dat
[%SYSTEM%]\wbem\ocmor.dll
[%PROGRAM_FILES%]\CoolWebsite\QuickLink.dll
[%PROGRAM_FILES%]\CoolWebsite\uninst.exe
[%SYSTEM%]\bind_40255.exe
[%SYSTEM%]\spted.dll
[%SYSTEM%]\wbem\IRJIT.dll

In order to ensure that the QuickButton is launched automatically each time the system is booted, the QuickButton adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%PROGRAM_FILES_COMMON%]\System\Updaterun.exe
[%PROGRAM_FILES%]\CoolWebsite\uninst.exe
[%SYSTEM%]\bind_40255.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting QuickButton:

Files:
[%PROGRAM_FILES_COMMON%]\System\Updaterun.exe
[%SYSTEM%]\advport.dll
[%SYSTEM%]\nt.sys
[%SYSTEM%]\Score.txt
[%SYSTEM%]\wbem\ocmor.dat
[%SYSTEM%]\wbem\ocmor.dll
[%PROGRAM_FILES%]\CoolWebsite\QuickLink.dll
[%PROGRAM_FILES%]\CoolWebsite\uninst.exe
[%SYSTEM%]\bind_40255.exe
[%SYSTEM%]\spted.dll
[%SYSTEM%]\wbem\IRJIT.dll
[%PROGRAM_FILES_COMMON%]\System\Updaterun.exe
[%SYSTEM%]\advport.dll
[%SYSTEM%]\nt.sys
[%SYSTEM%]\Score.txt
[%SYSTEM%]\wbem\ocmor.dat
[%SYSTEM%]\wbem\ocmor.dll
[%PROGRAM_FILES%]\CoolWebsite\QuickLink.dll
[%PROGRAM_FILES%]\CoolWebsite\uninst.exe
[%SYSTEM%]\bind_40255.exe
[%SYSTEM%]\spted.dll
[%SYSTEM%]\wbem\IRJIT.dll

Folders:
[%PROGRAM_FILES%]\coolsign
[%PROGRAM_FILES_COMMON%]\UPDAT

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{d1bb7cf4-4463-4e91-88d7-ecc3ce0a13b7}
HKEY_CLASSES_ROOT\quickbutton.quickbtn
HKEY_CLASSES_ROOT\sss1.sss2.1
HKEY_CLASSES_ROOT\{d1bb7cf4-4463-4e91-88d7-ecc3ce0a13b7}
HKEY_LOCAL_MACHINE\software\divnet
HKEY_LOCAL_MACHINE\software\lamp
HKEY_LOCAL_MACHINE\software\microsoft\directoutput
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{1d901067-2529-4a9b-9b6b-7a1db3a44cb5}
HKEY_LOCAL_MACHINE\software\microsoft\studio
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\coolsign
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_barcase
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\barcase
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\barcase
HKEY_CLASSES_ROOT\interface\{0083de51-eb2e-4521-a95c-735d8e563373}
HKEY_CLASSES_ROOT\ssss1.ssss2.1
HKEY_CLASSES_ROOT\typelib\{933db9d6-9447-4efe-aba2-eaf3b309b44c}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d1bb7cf4-4463-4e91-88d7-ecc3ce0a13b7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\quicklink
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_atwork
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dateing
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_ipdodrg
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_iunag
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_soscar
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\atwork
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dateing
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\dateing
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\soscar
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\ipdodrg
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\iunag
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\soscar

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\internet explorer\extensions\cmdmapping
HKEY_CURRENT_USER\software\microsoft\internet explorer\typedurls
HKEY_CURRENT_USER\software\microsoft\internet explorer\typedurls
HKEY_CURRENT_USER\software\microsoft\internet explorer\typedurls
HKEY_CURRENT_USER\software\microsoft\internet explorer\typedurls
HKEY_CURRENT_USER\software\microsoft\internet explorer\typedurls
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\license\parameters
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\templates\parameters

Removing QuickButton:

An up-to-date copy of ExterminateIt should detect and prevent infection from QuickButton.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove QuickButton manually.

To completely manually remove QuickButton malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with QuickButton.

  1. Use Task Manager to terminate the QuickButton process.
  2. Delete the original QuickButton file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes QuickButton from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of QuickButton!


Also Be Aware of the Following Threats:
Pigeon.BAQ Trojan Cleaner
AdwareSoft Adware Symptoms
Ayan.Bilisim RAT Removal instruction

Geek Trojan

Geek malware description and removal detail
Categories:Trojan,Backdoor,Downloader,DoS
Also known as:

[Kaspersky]Geek.450

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Geek:

An up-to-date copy of ExterminateIt should detect and prevent infection from Geek.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Geek manually.

To completely manually remove Geek malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Geek.

  1. Use Task Manager to terminate the Geek process.
  2. Delete the original Geek file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Geek from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Geek!


Also Be Aware of the Following Threats:
Autorun Malware Malware Removal
UglySkinEngine Backdoor Information
DigitalM Trojan Symptoms

Twitch Trojan

Twitch malware description and removal detail
Categories:Trojan
Also known as:

[Kaspersky]Win16.Twitch;
[Eset]Twitch virus;
[McAfee]Twitch;
[Panda]Univ.B;
[Computer Associates]Win.Twich

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Twitch:

An up-to-date copy of ExterminateIt should detect and prevent infection from Twitch.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Twitch manually.

To completely manually remove Twitch malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Twitch.

  1. Use Task Manager to terminate the Twitch process.
  2. Delete the original Twitch file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Twitch from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Twitch!


Also Be Aware of the Following Threats:
Prorpse Trojan Information
Strange Trojan Information

Stomcc Adware

Stomcc malware description and removal detail
Categories:Adware,Downloader
Also known as:

[Kaspersky]Trojan-Downloader.Win32.Small.jl;
[McAfee]Downloader-TS;
[Other]Download.Adware

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Stomcc:

An up-to-date copy of ExterminateIt should detect and prevent infection from Stomcc.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Stomcc manually.

To completely manually remove Stomcc malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Stomcc.

  1. Use Task Manager to terminate the Stomcc process.
  2. Delete the original Stomcc file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Stomcc from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Stomcc!


Also Be Aware of the Following Threats:
BatFtpDownloader Downloader Information
Remove Moonpie.10b Backdoor

Progenic RAT

Progenic malware description and removal detail
Categories:RAT

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Progenic:

An up-to-date copy of ExterminateIt should detect and prevent infection from Progenic.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Progenic manually.

To completely manually remove Progenic malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Progenic.

  1. Use Task Manager to terminate the Progenic process.
  2. Delete the original Progenic file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Progenic from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Progenic!


Also Be Aware of the Following Threats:
ugo.com Tracking Cookie Removal
Caracas Trojan Cleaner
Vxidl.ANS Trojan Symptoms
Removing Bancos.HHZ Trojan

BO2K.plugin.rcgi RAT

BO2K.plugin.rcgi malware description and removal detail
Categories:RAT

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing BO2K.plugin.rcgi:

An up-to-date copy of ExterminateIt should detect and prevent infection from BO2K.plugin.rcgi.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove BO2K.plugin.rcgi manually.

To completely manually remove BO2K.plugin.rcgi malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with BO2K.plugin.rcgi.

  1. Use Task Manager to terminate the BO2K.plugin.rcgi process.
  2. Delete the original BO2K.plugin.rcgi file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes BO2K.plugin.rcgi from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of BO2K.plugin.rcgi!


Also Be Aware of the Following Threats:
Remove Laurel.Netster Tracking Cookie
Pigeon.AVMH Trojan Symptoms
Bancos.GKX Trojan Removal instruction

Small.aba Trojan

Small.aba malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Small.aba:

An up-to-date copy of ExterminateIt should detect and prevent infection from Small.aba.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Small.aba manually.

To completely manually remove Small.aba malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Small.aba.

  1. Use Task Manager to terminate the Small.aba process.
  2. Delete the original Small.aba file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Small.aba from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Small.aba!


Also Be Aware of the Following Threats:
Remove StartNow.HyperBar Adware

Oirsbot Trojan

Oirsbot malware description and removal detail
Categories:Trojan
Also known as:

[Kaspersky]Backdoor.Win32.IRCBot.vo;
[McAfee]W32/Rezolbot.worm;
[Other]Win32/Oirsbot.A,Win32/Oirsbot.B,W32.Spybot.Worm,Win32/Oirsbot!generic,W32.IRCBot

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\igfxinit.exe
[%SYSTEM%]\igfxinit.exe

In order to ensure that the Oirsbot is launched automatically each time the system is booted, the Oirsbot adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%SYSTEM%]\igfxinit.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting Oirsbot:

Files:
[%SYSTEM%]\igfxinit.exe
[%SYSTEM%]\igfxinit.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Oirsbot:

An up-to-date copy of ExterminateIt should detect and prevent infection from Oirsbot.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Oirsbot manually.

To completely manually remove Oirsbot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Oirsbot.

  1. Use Task Manager to terminate the Oirsbot process.
  2. Delete the original Oirsbot file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Oirsbot from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Oirsbot!


Also Be Aware of the Following Threats:
Removing Win32.OICQSearch Trojan
Remove Hiwaga.Dropper!Dropper Trojan
Removing Buschtrommel.Alpha Trojan
Lid BHO Removal instruction
Pigeon.ELQ Trojan Cleaner

Bancos.HOO Trojan

Bancos.HOO malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Bancos.HOO:

An up-to-date copy of ExterminateIt should detect and prevent infection from Bancos.HOO.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Bancos.HOO manually.

To completely manually remove Bancos.HOO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HOO.

  1. Use Task Manager to terminate the Bancos.HOO process.
  2. Delete the original Bancos.HOO file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Bancos.HOO from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Bancos.HOO!


Also Be Aware of the Following Threats:
Bancos.FXH Trojan Cleaner
Remote.Commander RAT Cleaner
MyWebSearch.Toobar Toolbar Symptoms

W95.Segax Trojan

W95.Segax malware description and removal detail
Categories:Trojan
Also known as:

[Kaspersky]Win32.Segax.1136;
[McAfee]W95/Segax;
[F-Prot]W32/Segax.1136;
[Panda]W32/Segax.1136;
[Computer Associates]Win32/Segax,Win95.Segax.1160

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing W95.Segax:

An up-to-date copy of ExterminateIt should detect and prevent infection from W95.Segax.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove W95.Segax manually.

To completely manually remove W95.Segax malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with W95.Segax.

  1. Use Task Manager to terminate the W95.Segax process.
  2. Delete the original W95.Segax file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes W95.Segax from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of W95.Segax!


Also Be Aware of the Following Threats:
Remove Bancos.GSU Trojan

DialerFactory Adware

DialerFactory malware description and removal detail
Categories:Adware

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing DialerFactory:

An up-to-date copy of ExterminateIt should detect and prevent infection from DialerFactory.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove DialerFactory manually.

To completely manually remove DialerFactory malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with DialerFactory.

  1. Use Task Manager to terminate the DialerFactory process.
  2. Delete the original DialerFactory file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes DialerFactory from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of DialerFactory!


Also Be Aware of the Following Threats:
New.Net Trojan Symptoms
Small.fk Trojan Removal instruction
Removing Sod Trojan
WurldMedia.MPohs Hijacker Cleaner
Pigeon.EHU Trojan Symptoms

CmosKiller Trojan

CmosKiller malware description and removal detail
Categories:Trojan
Also known as:

[Kaspersky]Trojan.DOS.Cmos24;
[McAfee]CMOS Reset;
[Panda]Trj/CmosKiller.d,Trojan Horse;
[Computer Associates]CmosKiller.D,Killcm.D!Trojan,CmosKiller!Trojan;
[Other]DOS/CmosKiller.E,CmosKill Trojan (1),Trojan:Win32/Cmos24

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing CmosKiller:

An up-to-date copy of ExterminateIt should detect and prevent infection from CmosKiller.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove CmosKiller manually.

To completely manually remove CmosKiller malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with CmosKiller.

  1. Use Task Manager to terminate the CmosKiller process.
  2. Delete the original CmosKiller file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes CmosKiller from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of CmosKiller!


Also Be Aware of the Following Threats:
Tambu.UDP.Scrambler Trojan Cleaner

Lycos.Boot.Helper Trojan

Lycos.Boot.Helper malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Lycos.Boot.Helper:

An up-to-date copy of ExterminateIt should detect and prevent infection from Lycos.Boot.Helper.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Lycos.Boot.Helper manually.

To completely manually remove Lycos.Boot.Helper malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Lycos.Boot.Helper.

  1. Use Task Manager to terminate the Lycos.Boot.Helper process.
  2. Delete the original Lycos.Boot.Helper file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Lycos.Boot.Helper from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Lycos.Boot.Helper!


Also Be Aware of the Following Threats:
BAT.Winrip Trojan Cleaner
adverticum.net Tracking Cookie Symptoms

ELF.Siilov Trojan

ELF.Siilov malware description and removal detail
Categories:Trojan,Backdoor,Downloader,DoS
Also known as:

[Kaspersky]Linux.Siilov.5916;
[Panda]Univ.A;
[Computer Associates]Linux/Siilov

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing ELF.Siilov:

An up-to-date copy of ExterminateIt should detect and prevent infection from ELF.Siilov.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove ELF.Siilov manually.

To completely manually remove ELF.Siilov malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with ELF.Siilov.

  1. Use Task Manager to terminate the ELF.Siilov process.
  2. Delete the original ELF.Siilov file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes ELF.Siilov from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of ELF.Siilov!


Also Be Aware of the Following Threats:
Gunther Trojan Symptoms
Win32.TrojanDropper.MultiBinder Trojan Cleaner
SillyDl.CUX Trojan Cleaner